;; This is an operating system configuration template
;; for a "bare bones" setup, with no X11 display server.

(use-modules (gnu))
(use-service-modules networking ssh)
(use-package-modules admin certs curl networking tmux)

(operating-system
  (host-name "kubevirt-guix")
  (timezone "Europe/Moscow")
  (locale "en_US.utf8")

  ;; Boot in "legacy" BIOS mode, assuming /dev/sdX is the
  ;; target hard disk, and "my-root" is the label of the target
  ;; root file system.
  (bootloader (bootloader-configuration
                (bootloader grub-bootloader)
                (targets '("/dev/vda"))))
  (file-systems (cons (file-system
                        (device (file-system-label "Guix_image"))
                        (mount-point "/")
                        (type "ext4"))
                      %base-file-systems))

  ;; Globally-installed packages.
  (packages (cons* tmux curl %base-packages))

  ;; Add services to the baseline: a DHCP client and
  ;; an SSH server.
  ;; If you add an /etc/yggdrasil-private.conf, you can log in to ssh
  ;; using your Yggdrasil IPv6 address from another machine running Yggdrasil.
  ;; Alternatively, the client can sit behind a router that has Yggdrasil.
  ;; That file is specifically _not_ handled by Guix, because we don't want its
  ;; contents to sit in the world-readable /gnu/store.
  (services
   (append
    (list
     (service dhcp-client-service-type)
     (service openssh-service-type
              (openssh-configuration
               (permit-root-login 'prohibit-password)
               (authorized-keys
                `(("root" ,(local-file "/home/oleg/.local/share/chezmoi/dotfiles/guixsd/ssh/id_rsa_vm1.wugi.info.pub")))))))
    (modify-services %base-services
      (guix-service-type config => (guix-configuration
                                    (authorized-keys (append (list (local-file "/home/oleg/.local/share/chezmoi/dotfiles/guixsd/etc/substitutes/guix.wugi.info.pub"))
                                                             %default-authorized-guix-keys))))))))
